> antpstevens:
> Also, assuming you have RLS in place on Azure SQL Database, how do you pass the userID to the embedded PowerBI?
As far as I know, you can't do this with Power BI Embedded. If you're using Power BI Embedded, you can use the PowerBI Embedded REST API to configure that a specific SQL Database user account should be used when accessing a specific data set (by configuring the data set gateway with basic authentication). Using SQL Database RLS, you could filter the data visible to the users viewing the report. But this configuration will then be shared by all end-users viewing the report, which means that all users would use the same SQL Database user account and hence see exactly the same data. Also, if you change the user account configured for the data set, it seems like there's some initial refresh/caching issue, so if a user views the report, he would see old cached data for a few seconds before the data is refreshed and the new SQL database user credentials is taken into account. In other words, this looks like a no-go.
Also, be aware that there are really two different RLS's being involved here. The Power BI Service has it's own RLS-implementation. Using the Power BI Service web UI you can set up roles and link users to these roles. And then you can set up rules for the roles, defining what data should be shown. But this has nothing at all to do with the Azure SQL Database RLS. So if you you think about Azure SQL Database RLS and ask someone if Power BI Service supports RLS, and they say "yes", you should know that they might be talking about Power BI RLS and not SQL Database RLS.
> smoupre
> One route to go would be to publish your dashboard/report in the Service, configure RLS and then share it with everyone.
But then I would not be using Azure Power BI Embedded, and I could not embed the report in my web application, right? I have tens of thousands of users on thousands of companies, most of which probably does not have a Power BI Service/Office 365 user account. So the user experience would not be so good if they had to sign up on Office 365 just to see some reports.